iPhones can be tricked into connecting to malicious Wi-Fi networks

Researchers have detailed a weakness effecting some iPhone that can be exploited to force devices to connect to malicious Wi-Fi networks.

Even if the iPhone had never connected to a Wi-Fi network before, this attack method could still work, Skycure researchers found. The problem actually lies with the configuration settings installed by wireless carriers.

In order to provide customers with more reliable data connections on the move, Wi-Fi hotspots are setup in public places targeted at just their customers. For example, AT&T pre-sets iPhones to connect to networks with an SSID of "attwifi". The problem is simple, this connection can happen automatically with no user interaction.

"Setting up such Wi-Fi networks would initiate an automatic attack on nearby customers of the carrier, even if they are using an out-of-the-box iOS device that never connected to any Wi-Fi network," the researchers wrote.